/**
 * 
 */
package kr.co.insoft.auth.security.handler;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import kr.co.insoft.auth.security.SecurityCookieService;

import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.logout.SimpleUrlLogoutSuccessHandler;

/**
 * @author IN-SOFT Inc. GoodwillDD(sylee@in-soft.co.kr)
 * 
 */
public class SecurityLogoutHandler extends SimpleUrlLogoutSuccessHandler {

	final SecurityCookieService cookieService;
	final String logoutUrl;

	public SecurityLogoutHandler(final SecurityCookieService cookieService,
			final String logoutUrl) {
		this.cookieService = cookieService;
		this.logoutUrl = logoutUrl;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see org.springframework.security.web.authentication.logout.
	 * SimpleUrlLogoutSuccessHandler
	 * #onLogoutSuccess(javax.servlet.http.HttpServletRequest,
	 * javax.servlet.http.HttpServletResponse,
	 * org.springframework.security.core.Authentication)
	 */
	@Override
	public void onLogoutSuccess(HttpServletRequest request,
			HttpServletResponse response, Authentication authentication)
			throws IOException, ServletException {
		this.setDefaultTargetUrl(logoutUrl);
		this.setTargetUrlParameter(logoutUrl);
		Cookie cookie = cookieService.createLogoutCookie();
		response.addCookie(cookie);
		authentication = null;
		super.onLogoutSuccess(request, response, authentication);
	}
}
